New Trojan Is 'Most Sophisticated' Android Malware Yet

Below:

Next story in Tech and gadgets

It seems like every other week, we hear of a new piece of malware
that's been wreaking havoc on Android phones. But a new Trojan
uncovered by Russian security firm Kaspersky Lab stands head and
shoulders above the ever-growing crowd of Android-targeted
malware.

What the malware, technically named Backdoor.AndroidOS.Obad.a,
does is nothing new: It sends text messages, or SMS, to premium
numbers, as the charges accrue on the infected-Android user's
account.

In addition, the Trojan gathers personal data stored on the phone
and sends it to a remote server controlled by the cybercriminals
who created it.

But how the criminals actually carry out the cyberattack is much
more interesting — and more dangerous. The coders of this
malware obviously know what they're doing.

In addition to encrypting their code more heavily than most
cybercriminals, they discovered three previously unknown bugs in
Android software, two of which are in the Android operating
system itself. The Trojan exploits these vulnerabilities to
penetrate infected Android phones as well as disguise its tracks.

One of these vulnerabilities allows Backdoor.AndroidOS.Obad.a to
take Device Administrator privileges on the infected Android.
That means it has access to all of the phone's data, programs and
other functions.

However, the Trojan won't appear on the list of programs with
Device Administrator privileges, so it's impossible to delete it
from the phone. In fact, the Trojan doesn't use an interface at
all. Like all malicious programs, it does present an initial
installation request on the screen, usually with language that
tries to trick the user into clicking OK.

It's rare to see such advanced obfuscation techniques in mobile
malware, Kaspersky Labs said. The firm was the first to uncover
the Trojan, calling it the "most sophisticated" malware program
it has seen for Android to date.

"At a glance, we knew this one was special," security expert
Roman Unuchek
wrote on SecureList, the company's research blog.

Kaspersky Labs' Android anti-virus software is now able to detect
Backdoor.AndroidOS.Obad.a and prevent it from compromising the
infected device. The company has also notified Google of the bugs
the malware exploited.